CVE-2013-3961

Simple PHP Agenda < 2.2.9 - Authenticated SQL Injection via edit_event.php eventid Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-3961. PoCs published by Anthony Dubuissez.

AI-analyzed exploit summary: The advisory describes a SQL injection vulnerability in php-agenda <= 2.2.8, where the edit_event.php file does not properly sanitize parameters, allowing authenticated users to dump database information via a crafted URL.

Description

SQL injection vulnerability in edit_event.php in Simple PHP Agenda before 2.2.9 allows remote authenticated users to execute arbitrary SQL commands via the eventid parameter.

Exploits (1)

exploitdb WRITEUP
by Anthony Dubuissez · text · webapps · php
https://www.exploit-db.com/exploits/26136


Classification: Writeup 100%
Attack Type: SQLi
Complexity: Trivial
Reliability: Reliable
Target: php-agenda <= 2.2.8
Auth required
Prerequisites: Authenticated user access
mistral-large-3 · analyzed Feb 16, 2026

References (7)

Core References
Broken Link vdb-entry x_refsource_osvdb
http://osvdb.org/94141
Exploit, Third Party Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/60481
Exploit, Third Party Advisory x_refsource_misc
http://www.webera.fr/advisory-02-php-agenda-isql-exploit
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/84938
Exploit, Issue Tracking mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2013/Jun/67
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/26136

Scores

EPSS 0.0230
EPSS Percentile 81.1%

Details

CWE: CWE-89
Status: published
Products (28)
abeel/simple_php_agenda 0.1
abeel/simple_php_agenda 0.1.1
abeel/simple_php_agenda 0.1.2
abeel/simple_php_agenda 0.2.0
abeel/simple_php_agenda 0.2.1
abeel/simple_php_agenda 0.2.2
abeel/simple_php_agenda 0.2.3
abeel/simple_php_agenda 0.2.4
abeel/simple_php_agenda 0.2.5
abeel/simple_php_agenda 0.2.6
... and 18 more
Published Mar 11, 2014
Tracked Since Feb 18, 2026